Why Colin Powell no longer trusts email

Former US secretary of state was hacked, despite two-factor authentication

Email is an unsecure platform that's impossible to properly protect currently, former US secretary of state Colin Powell has claimed.

The US army general, who served under four presidents, including as secretary of state under the George W Bush administration, used his keynote speech at Citrix Synergy 21017 to admit to having had his emails hacked twice.

"I've been hacked twice and both times ... I've had double factor authentication, I've had all kinds of barriers in the way and they still got in and the forensics guys can't find out why," he told delegates. "So I had to change my lifestyle and go to fax machines, go to texts that are encrypted and use email strictly for housekeeping things.

"They keep giving me new things to do with my emails to protect it, but I no longer have confidence in being able to protect it." Powell didn't say when these hacks occurred nor how successful they were.

Advertisement - Article continues below

Indeed, fax has been the communication method of choice for Powell throughout his career, as he feels it's more secure.

As chairman of the joint chiefs of staff in 1991, he was responsible for the initiation and oversight of Operation Desert Storm. Speaking about when he gave the order to commence the conflict, he said: "We had one of the most perfectly secure means of doing it. Not something you might think of now, but it was the fax machine.

"I had a fax machine in my office, my executive assistant ran it, [my counterpart in the Gulf] had a fax machine in his office and his executive assistant ran it. And by using that secure, covered fax machine I knew that the order only went from one person to one person. It wasn't a cable that could spread around all over the organisation."

Powell also spoke of the importance of being reasonable and rational when it comes to organisations deciding what information should be kept secret and what should be treated more openly lest it prevent people from doing their jobs.

"One of the challenges we're all facing now [that] I faced when I became secretary of state, is how to make sure you have ... [a] system that is getting [information] to where it has to be when it's needed in order to be actionable," Powell said.

He said it's important to "triage" information treating as secret only the things that need to be secret.

"[You have to] make sure you're not cluttering the whole system by over-classifying things and by making sure that you have a system that will make that differentiation," he said.

Main image credit: Jane McCallion/IT Pro

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now



Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019